[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 08/11] Don't allow renaming of domains by the backdoor



On 05/03/2013 10:37 AM, Daniel P. Berrange wrote:

>>>  
>>> +    /* Not strictly ABI related, but we want to make sure domains
>>> +     * don't get silently re-named through the backdoor when passing
>>> +     * custom XML into various APIs, since this would create havoc
>>> +     */
>>> +    if (STRNEQ(src->name, dst->name)) {
>>> +        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
>>> +                       _("Target domain name '%s' does not match source '%s'"),
>>> +                       dst->name, src->name);
>>> +        return false;
>>> +    }
>>
>> The code makes sense, but I'd feel better delaying my ack until getting
>> confirmation that I'm correctly interpreting that rename is
>> intentionally denied on 'virsh save/restore', and rename during
>> migration is allowed only through the dname argument, after dxml is
>> already validated against the pre-rename xml.
> 
> Yes, rename is intentionally denied in save/restore.

Good, I got it right, and you have ACK.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]